grahamg · April 3, 2011 02:53
diff --git a/Linux Command Reference b/Linux Command Reference
 Plesk port: 8443
 R1Soft CDP port: 1167
 cPanel port: WHM over SSL = 2087
             cPanel over SSL = 2083
             regular WHM = 2086
             regular cPanel = 2082

 feedback loop information:
 http://www.eliteemail.com/features/email-delivery/feedback-loops/

 find . -type f -print | xargs grep -li "find me"

 Search for spam:
 grep -rh mail\( /home | grep -v email > /root/mail.txt

 The Plesk admin password is stored as cipher text here: /etc/psa/.psa.shadow 

 For when people give mass rdns changes and the formatting is messed up, save to a file then:
 cat test | awk '{gsub(/:/, ""); print $2 " " $1}'

 Path for Plesk named zone file records:
 note, its recommended to attempt to edit these in the control panel web interface first
 /var/named/run-root/var

 Get occurrence count for malware scan from maldet:
 /root/maldetect-report-jan5.txt | awk -F "/" '{print $3}' | sort | uniq -c | sort -n

 Avoid 500 HTTP errors:
 files should have permission 644, while directories should have 755
 # find . -type f -exec chmod 644 {} \;
 # find . -type d -exec chmod 755 {} \;
 ...Here's a remainder from Linux 101
 Owner Group Other
 r w x r w x r w x
 4 2 1 4 2 1 4 2 1

 Print file permissions in octal mode
 # stat -c '%n %a %A'

 Reset the 'sa' password for MSSQL databases:
 1. stop the running mssql services
 2. open a command line and find the directory with the mssql install
 3. it should be something like c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\
 4. in the directory run: sqlservr.exe -m -s SERVERNAME
 5. where SERVERNAME is whatever the MSSQL server is named (it'll be in parenthesis in the name of the SQL Server service)
 6. then use the GUI to reset the password

 Chattr, change ext2 file system data
 $ chattr +A myFile -- Don't change the Access time of this file.
 $ chattr -V +A myFile -- Same as above. But show verbose output.
 $ chattr +c myFile -- Save the file in compressed mode.
 # chattr +i myFile -- Make the file as Read-Only.=
 $ chattr +s myFile -- Mark the file as secrete. During deletion its 
 blocks are Zeroed.
 $ chattr +u myFile -- Mark for undeletion. If this file is deleted, 
 user can ask for undelete.
 $ chattr +S myFile -- The changes in the file are written
 synchronously on the disk.
 # chattr -i myFile -- Remove the Read-Only Mark.
 $ chattr =Ac myFile -- Set only A & c bit. Clear all other bits.

 Rapidly invoke an editor to write a long, complex, or tricky command
 # ctrl-x e

 Usual command pattern to repair disk in rescue mode
 # fsck -fyC /dev/sda3

 Grep Commands:
 the word grep where it is searching only for the word “is” -> # grep -iw "is" demo_file
 case insensitive search -> # grep -i "string" FILE
 match regular expressions in files -> # grep "REGEX" filename
 the flag A is the option which prints the specified N lines after the match as shown, -B is the option which prints the specified N lines before the match
 information form the Exim main log file regarding the Spam score -> # grep '\[Spam score: [1-9]' /var/log/exim_mainlog | awk '{print $3}' | xargs -t -i grep {} /var/log/exim_mainlog > /var/log/spam_score.log

 Use if a user has problems with permissions in public_html
 # /scripts/chownpublichtmls (cPanel)

 Check the name servers handling a domain at the specified IP. Useful for when propagation has not completed
 # dig NS @serverIP domain.com

 Copy your public-key to remote-machine for public-key authentication
 # ssh-copy-id remote-machine
 Or alternatively:
 your-machine$ scp ~/.ssh/identity.pub remote-machine:
 your-machine$ ssh remote-machine
 remote-machine$ cat identity.pub >> ~/.ssh/authorized_keys

 Find the last command that begins with "whatever," but avoid running it
 # !whatever:p

 Save a file you edited in vim without the needed permissions
 # :w !sudo tee %

 Serve the current directory at http://localhost:8000/
 # python -m SimpleHTTPServer

 Useful for when un-mounting a disk and it's listed as busy
 # fuser -cu /mnt/eg_disk

 View the *.tar.gz file content without extracting
 # tar tvfz archive_name.tar.gz

 Verify the archive file that got created using the option W 
 # tar cvfW file_name.tar dir/

 Extract a group of files with the following extenstion
 # tar xvf archive_file.tar --wildcards '*.pl'

 Display the currently running daemons
 # netstat -lnp --ip

 View how many connections you have currently on your server
 # netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

 Check if server being effected by a SYN flood
 # netstat -na | grep SYN | wc -l

 Check if server is currently under a DDOS attack
 # netstat -alpn | grep :80 | awk '{print $5}' |awk -F: '{print $(NF-1)}' |sort | uniq -c | sort -n
 note: http://www.bloodyerror.com/2009/07/unix-shell-command-to-detect-ddos-attack/

 Dump all MySQL databases in current directory
 # for i in $( mysql -B -N -e "show databases;" ); do mysqldump $i > $i.sql;done

 See Every Process Running As User grahamg
 # ps -U grahamg -u grahamg u

 Find the Top 10 Memory Consuming Processes
 # ps auxf | sort -nr -k 4 | head -10

 Find the Top 10 CPU Consuming Processes
 # ps auxf | sort -nr -k 3 | head -10

 Display Memory Utilization Slabinfo
 # vmstat -m
 note: the '-a' flag will display information about active/inactive memory pages when 
 replaced with '-m'. Also putting an integer after this command will configure how long
 until it will update in seconds.

 Display Process Memory Information for PID# 13057
 # pmap -d 13057

 Real Time Network Statistics
 # iptraf

 To display all TCP network traffic on port 8443 with delta.grahamg.org as the dest 
 # tcpdump -i eth0 'dst delta.grahamg.org and tcp and port 8443'

 To display all HTTP session to 192.168.1.5
 # tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'

 To display all FTP session to 202.54.1.5
 # tcpdump -i eth0 'dst 202.54.1.5 and (port 21 or 20)'

 Display all IPv4 HTTP packets to and from port 80, print only packets that contain
 data (e.g. SYN, FIN and ACK-only packets)
 # tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

 …another example
 # tcpdump -i eth0 'udp port 53'

 Important files in the '/proc' directory
 /proc/cpuinfo
 /proc/meminfo
 /proc/zoneinfo
 /proc/mounts

 Common iptables commands
 iptables -I INPUT -j ACCEPT # all traffic is accessible by remote systems and provides NO filtering. 
 iptables -I INPUT -s  <sourceip> -j DROP # deny the selected source ip address
 iptables -I OUTPUT -d <destip> -j DROP # deny the selected destination ip address

 GNU Screen Reference
 screen -dRR (Attaches to a screen session. If the session is attached elsewhere, detaches that other display. If no session exists, creates one. If multiple sessions exist, uses the first one.)
 create new window	C-a c
 change to last-visited active window	C-a C-a (commonly used to flip-flop between two windows)
 change to window by number	C-a <number> (only for windows 0 to 9)
 change to window by number or name	C-a ' <number or title>
 change to next window in list	C-a n or C-a <space>
 change to previous window in list	C-a p or C-a <backspace>
 see window list	C-a " (allows you to select a window to change to)
 show window bar	C-a w (if you don't have window bar)
 close current window	 Close all applications in the current window (including shell)
 kill current window	C-a k (not recommended)
 rename current window	C-a A

 Split screen
 split display horizontally	C-a S
 split display vertically	C-a |
 jump to next display region	C-a tab
 remove current region	C-a X
 remove all regions but the current one	C-a Q

 --------------------
 labeling these from jordan's notes:

 Show the number of each unique IP address connected on port 80
 # netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

 Show the number of established numeric TCP connections on port 80
 # netstat -tn | grep :80 | grep -i established | wc -l

 Show the individual number of each type of TCP connection (i.e. ESTABLISHED, LISTEN, TIME_WAIT)
 # netstat -an|awk '/tcp/ {print $6}'|sort| uniq -c


 # lsof -c httpd |grep cwd|grep home| awk '{print $9}'|cut -f3 -d\/|sort  -n| uniq -c|sort -n

 for pid in `pidof httpd`; do lsof -p $pid; done | grep "/home" | cut -d"/" -f 3 | sort | uniq -c | sort -n
 for id in `zgrep EMAILADDRESSGOESHERE /var/log/exim_mainlog* | awk '{print $3}'`; do zgrep $id /var/log/exim_mainlog*; done

 From the current directory, recursively search each dir for an .htaccess file for "php_value" or "php_flag" and print the path
 # find -name .htaccess -exec grep -H php_value {} \;
 # find -name .htaccess -exec grep -H php_flag {} \;

 for domain in `/usr/.tstools/scoreboard | awk '{print $12}' | sort | uniq -c | sort -n | awk '{print $2}'`; do echo $domain; echo "-----------------"; /usr/.tstools/scoreboard | grep $domain; echo ""; echo ""; done | less
 ll /proc/*/ 2>/dev/null | grep /home | sort | uniq -c | sort -n
 sed -i 's/[0-9]\{10\}/2010082201/g' /var/named/*.db 
 for each in `find /var/qmail/queue/remote/ -type f | sed 's/\/remote\//\/mess\//g'` ; do if [ `egrep "invoked by uid 110" $each ; echo $?` -gt 0 ] 2>/dev/null ; then egrep -m 1 "Subject: " $each && egrep -m 2 "Received: " $each && echo $each ; echo ; fi ; done

 For any OpenVZ/Virtuozzo system print the load averages for each container
 # for i in $(vzlist | awk '{print $1}'); do echo -n "VEID $i "; vzctl exec $i cat /proc/loadavg; done;

 find /usr/local/cpanel/3rdparty/mailman/cgi-bin/* ! -perm 2755 ! -name create -exec chmod -v 2755 '{}' \;

 if php files are downloading instead of loading check

 /usr/local/cpanel/bin/rebuild_phpconf --current
 Available handlers: suphp dso cgi none
 DEFAULT PHP: 5
 PHP4 SAPI: none
 PHP5 SAPI: none
 SUEXEC: enabled

 run:

 /usr/local/cpanel/bin/rebuild_phpconf 5 suphp suphp 1

 or for cgi/dso:

 /usr/local/cpanel/bin/rebuild_phpconf 5 cgi dso 1

 for each in `fgrep -r \<script\ language\=javascript\>\<\!\-\- * | awk -F: '{print $1}'`; do
 if [[ `grep -c replace $each` == 1 ]]; then
                sed -i 's/<\/script><body/<\/script>\n<body/g' $each
                sed -i '/<script language=javascript><!--/,+2d' $each
 fi
 done

 /usr/local/cpanel/etc/init/stopcphulkd

 for i in `find -type d -maxdepth 1`; do echo -n $i; echo -n " "; find $i | wc -l ; done

 find . -printf '%i\n' | sort -u | wc -l

 openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
 ----------

 help find spam scripts:

 (6:39:48 AM) [email protected]/jcooks: fgrep -r mail\( /home/*/public_html/*
 (6:40:40 AM) [email protected]/jcooks: for i in `cut -d\: -f2 /etc/trueuserdomains`; do fgrep -r mail\( /home/$i/public_html/* | grep -v email\( | grep -v e\-mail | grep -v class-phpmailer.php >> /root/$i-mail;done

 ----------
 Added 10/28/2011:
 How to compile php-sqlite, php-sqlite3 and php-mcrypt on CentOS and RHEL
 http://www.exteon.ro/en/articles/php/compile-extensions

 For netman DDos utility use this query to find the network traffic for a specific IP address where the desired IP address is 1.1.1.1: dst net 1.1.1.1/29 or src net 1.1.1.1/29

 -----------

 (1:57:46 AM) Sam Bowling: [sbowling@snorlax ~]$ cat .bashrc |grep pwg
 alias pwg='dd if=/dev/urandom count=1 2> /dev/null | uuencode -m - | sed -ne 2p | cut -c-12'
 [sbowling@snorlax ~]$

 https://www.grc.com/passwords.htm

 ---

 How to find the number of Subnetworks
 If Class A Address then, 2^(CIDR-8 Network Bits)= Subnetworks
 If Class B Address then, 2^(CIDR-16 Network Bits)= Subnetworks
 If Class C Address then, 2^(CIDR-24 Network Bits)= Subnetworks

 How to find the number of usable host
 2^(32 Bits- CIDR)-2= Usable Hosts

 How to find Subnetwork Interval 
 If CIDR< 8 then, 2^(8-CIDR)= Subnetwork Interval
 If CIDR< 16 then, 2^(16-CIDR)= Subnetwork Interval
 If CIDR< 24 then, 2^(24-CIDR)= Subnetwork Interval
 If CIDR< 32 then, 2^(32-CIDR)= Subnetwork Interval
	Plesk port: 8443
	R1Soft CDP port: 1167
	cPanel port: WHM over SSL = 2087
	cPanel over SSL = 2083
	regular WHM = 2086
	regular cPanel = 2082

	feedback loop information:
	http://www.eliteemail.com/features/email-delivery/feedback-loops/

	find . -type f -print \| xargs grep -li "find me"

	Search for spam:
	grep -rh mail\( /home \| grep -v email > /root/mail.txt

	The Plesk admin password is stored as cipher text here: /etc/psa/.psa.shadow

	For when people give mass rdns changes and the formatting is messed up, save to a file then:
	cat test \| awk '{gsub(/:/, ""); print $2 " " $1}'

	Path for Plesk named zone file records:
	note, its recommended to attempt to edit these in the control panel web interface first
	/var/named/run-root/var

	Get occurrence count for malware scan from maldet:
	/root/maldetect-report-jan5.txt \| awk -F "/" '{print $3}' \| sort \| uniq -c \| sort -n

	Avoid 500 HTTP errors:
	files should have permission 644, while directories should have 755
	# find . -type f -exec chmod 644 {} \;
	# find . -type d -exec chmod 755 {} \;
	...Here's a remainder from Linux 101
	Owner Group Other
	r w x r w x r w x
	4 2 1 4 2 1 4 2 1

	Print file permissions in octal mode
	# stat -c '%n %a %A'

	Reset the 'sa' password for MSSQL databases:
	1. stop the running mssql services
	2. open a command line and find the directory with the mssql install
	3. it should be something like c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\
	4. in the directory run: sqlservr.exe -m -s SERVERNAME
	5. where SERVERNAME is whatever the MSSQL server is named (it'll be in parenthesis in the name of the SQL Server service)
	6. then use the GUI to reset the password

	Chattr, change ext2 file system data
	$ chattr +A myFile -- Don't change the Access time of this file.
	$ chattr -V +A myFile -- Same as above. But show verbose output.
	$ chattr +c myFile -- Save the file in compressed mode.
	# chattr +i myFile -- Make the file as Read-Only.=
	$ chattr +s myFile -- Mark the file as secrete. During deletion its
	blocks are Zeroed.
	$ chattr +u myFile -- Mark for undeletion. If this file is deleted,
	user can ask for undelete.
	$ chattr +S myFile -- The changes in the file are written
	synchronously on the disk.
	# chattr -i myFile -- Remove the Read-Only Mark.
	$ chattr =Ac myFile -- Set only A & c bit. Clear all other bits.

	Rapidly invoke an editor to write a long, complex, or tricky command
	# ctrl-x e

	Usual command pattern to repair disk in rescue mode
	# fsck -fyC /dev/sda3

	Grep Commands:
	the word grep where it is searching only for the word “is” -> # grep -iw "is" demo_file
	case insensitive search -> # grep -i "string" FILE
	match regular expressions in files -> # grep "REGEX" filename
	the flag A is the option which prints the specified N lines after the match as shown, -B is the option which prints the specified N lines before the match
	information form the Exim main log file regarding the Spam score -> # grep '\[Spam score: [1-9]' /var/log/exim_mainlog \| awk '{print $3}' \| xargs -t -i grep {} /var/log/exim_mainlog > /var/log/spam_score.log

	Use if a user has problems with permissions in public_html
	# /scripts/chownpublichtmls (cPanel)

	Check the name servers handling a domain at the specified IP. Useful for when propagation has not completed
	# dig NS @serverIP domain.com

	Copy your public-key to remote-machine for public-key authentication
	# ssh-copy-id remote-machine
	Or alternatively:
	your-machine$ scp ~/.ssh/identity.pub remote-machine:
	your-machine$ ssh remote-machine
	remote-machine$ cat identity.pub >> ~/.ssh/authorized_keys

	Find the last command that begins with "whatever," but avoid running it
	# !whatever:p

	Save a file you edited in vim without the needed permissions
	# :w !sudo tee %

	Serve the current directory at http://localhost:8000/
	# python -m SimpleHTTPServer

	Useful for when un-mounting a disk and it's listed as busy
	# fuser -cu /mnt/eg_disk

	View the *.tar.gz file content without extracting
	# tar tvfz archive_name.tar.gz

	Verify the archive file that got created using the option W
	# tar cvfW file_name.tar dir/

	Extract a group of files with the following extenstion
	# tar xvf archive_file.tar --wildcards '*.pl'

	Display the currently running daemons
	# netstat -lnp --ip

	View how many connections you have currently on your server
	# netstat -ntu \| awk '{print $5}' \| cut -d: -f1 \| sort \| uniq -c \| sort -n

	Check if server being effected by a SYN flood
	# netstat -na \| grep SYN \| wc -l

	Check if server is currently under a DDOS attack
	# netstat -alpn \| grep :80 \| awk '{print $5}' \|awk -F: '{print $(NF-1)}' \|sort \| uniq -c \| sort -n
	note: http://www.bloodyerror.com/2009/07/unix-shell-command-to-detect-ddos-attack/

	Dump all MySQL databases in current directory
	# for i in $( mysql -B -N -e "show databases;" ); do mysqldump $i > $i.sql;done

	See Every Process Running As User grahamg
	# ps -U grahamg -u grahamg u

	Find the Top 10 Memory Consuming Processes
	# ps auxf \| sort -nr -k 4 \| head -10

	Find the Top 10 CPU Consuming Processes
	# ps auxf \| sort -nr -k 3 \| head -10

	Display Memory Utilization Slabinfo
	# vmstat -m
	note: the '-a' flag will display information about active/inactive memory pages when
	replaced with '-m'. Also putting an integer after this command will configure how long
	until it will update in seconds.

	Display Process Memory Information for PID# 13057
	# pmap -d 13057

	Real Time Network Statistics
	# iptraf

	To display all TCP network traffic on port 8443 with delta.grahamg.org as the dest
	# tcpdump -i eth0 'dst delta.grahamg.org and tcp and port 8443'

	To display all HTTP session to 192.168.1.5
	# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'

	To display all FTP session to 202.54.1.5
	# tcpdump -i eth0 'dst 202.54.1.5 and (port 21 or 20)'

	Display all IPv4 HTTP packets to and from port 80, print only packets that contain
	data (e.g. SYN, FIN and ACK-only packets)
	# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

	…another example
	# tcpdump -i eth0 'udp port 53'

	Important files in the '/proc' directory
	/proc/cpuinfo
	/proc/meminfo
	/proc/zoneinfo
	/proc/mounts

	Common iptables commands
	iptables -I INPUT -j ACCEPT # all traffic is accessible by remote systems and provides NO filtering.
	iptables -I INPUT -s <sourceip> -j DROP # deny the selected source ip address
	iptables -I OUTPUT -d <destip> -j DROP # deny the selected destination ip address

	GNU Screen Reference
	screen -dRR (Attaches to a screen session. If the session is attached elsewhere, detaches that other display. If no session exists, creates one. If multiple sessions exist, uses the first one.)
	create new window C-a c
	change to last-visited active window C-a C-a (commonly used to flip-flop between two windows)
	change to window by number C-a <number> (only for windows 0 to 9)
	change to window by number or name C-a ' <number or title>
	change to next window in list C-a n or C-a <space>
	change to previous window in list C-a p or C-a <backspace>
	see window list C-a " (allows you to select a window to change to)
	show window bar C-a w (if you don't have window bar)
	close current window Close all applications in the current window (including shell)
	kill current window C-a k (not recommended)
	rename current window C-a A

	Split screen
	split display horizontally C-a S
	split display vertically C-a \|
	jump to next display region C-a tab
	remove current region C-a X
	remove all regions but the current one C-a Q

	--------------------
	labeling these from jordan's notes:

	Show the number of each unique IP address connected on port 80
	# netstat -plan\|grep :80\|awk {'print $5'}\|cut -d: -f 1\|sort\|uniq -c\|sort -nk 1

	Show the number of established numeric TCP connections on port 80
	# netstat -tn \| grep :80 \| grep -i established \| wc -l

	Show the individual number of each type of TCP connection (i.e. ESTABLISHED, LISTEN, TIME_WAIT)
	# netstat -an\|awk '/tcp/ {print $6}'\|sort\| uniq -c


	# lsof -c httpd \|grep cwd\|grep home\| awk '{print $9}'\|cut -f3 -d\/\|sort -n\| uniq -c\|sort -n

	for pid in `pidof httpd`; do lsof -p $pid; done \| grep "/home" \| cut -d"/" -f 3 \| sort \| uniq -c \| sort -n
	for id in `zgrep EMAILADDRESSGOESHERE /var/log/exim_mainlog* \| awk '{print $3}'`; do zgrep $id /var/log/exim_mainlog*; done

	From the current directory, recursively search each dir for an .htaccess file for "php_value" or "php_flag" and print the path
	# find -name .htaccess -exec grep -H php_value {} \;
	# find -name .htaccess -exec grep -H php_flag {} \;

	for domain in `/usr/.tstools/scoreboard \| awk '{print $12}' \| sort \| uniq -c \| sort -n \| awk '{print $2}'`; do echo $domain; echo "-----------------"; /usr/.tstools/scoreboard \| grep $domain; echo ""; echo ""; done \| less
	ll /proc/*/ 2>/dev/null \| grep /home \| sort \| uniq -c \| sort -n
	sed -i 's/[0-9]\{10\}/2010082201/g' /var/named/*.db
	for each in `find /var/qmail/queue/remote/ -type f \| sed 's/\/remote\//\/mess\//g'` ; do if [ `egrep "invoked by uid 110" $each ; echo $?` -gt 0 ] 2>/dev/null ; then egrep -m 1 "Subject: " $each && egrep -m 2 "Received: " $each && echo $each ; echo ; fi ; done

	For any OpenVZ/Virtuozzo system print the load averages for each container
	# for i in $(vzlist \| awk '{print $1}'); do echo -n "VEID $i "; vzctl exec $i cat /proc/loadavg; done;

	find /usr/local/cpanel/3rdparty/mailman/cgi-bin/* ! -perm 2755 ! -name create -exec chmod -v 2755 '{}' \;

	if php files are downloading instead of loading check

	/usr/local/cpanel/bin/rebuild_phpconf --current
	Available handlers: suphp dso cgi none
	DEFAULT PHP: 5
	PHP4 SAPI: none
	PHP5 SAPI: none
	SUEXEC: enabled

	run:

	/usr/local/cpanel/bin/rebuild_phpconf 5 suphp suphp 1

	or for cgi/dso:

	/usr/local/cpanel/bin/rebuild_phpconf 5 cgi dso 1

	for each in `fgrep -r \<script\ language\=javascript\>\<\!\-\- * \| awk -F: '{print $1}'`; do
	if [[ `grep -c replace $each` == 1 ]]; then
	sed -i 's/<\/script><body/<\/script>\n<body/g' $each
	sed -i '/<script language=javascript><!--/,+2d' $each
	fi
	done

	/usr/local/cpanel/etc/init/stopcphulkd

	for i in `find -type d -maxdepth 1`; do echo -n $i; echo -n " "; find $i \| wc -l ; done

	find . -printf '%i\n' \| sort -u \| wc -l

	openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
	----------

	help find spam scripts:

	(6:39:48 AM) [email protected]/jcooks: fgrep -r mail\( /home//public_html/
	(6:40:40 AM) [email protected]/jcooks: for i in `cut -d\: -f2 /etc/trueuserdomains`; do fgrep -r mail\( /home/$i/public_html/* \| grep -v email\( \| grep -v e\-mail \| grep -v class-phpmailer.php >> /root/$i-mail;done

	----------
	Added 10/28/2011:
	How to compile php-sqlite, php-sqlite3 and php-mcrypt on CentOS and RHEL
	http://www.exteon.ro/en/articles/php/compile-extensions

	For netman DDos utility use this query to find the network traffic for a specific IP address where the desired IP address is 1.1.1.1: dst net 1.1.1.1/29 or src net 1.1.1.1/29

	-----------

	(1:57:46 AM) Sam Bowling: [sbowling@snorlax ~]$ cat .bashrc \|grep pwg
	alias pwg='dd if=/dev/urandom count=1 2> /dev/null \| uuencode -m - \| sed -ne 2p \| cut -c-12'
	[sbowling@snorlax ~]$

	https://www.grc.com/passwords.htm

	---

	How to find the number of Subnetworks
	If Class A Address then, 2^(CIDR-8 Network Bits)= Subnetworks
	If Class B Address then, 2^(CIDR-16 Network Bits)= Subnetworks
	If Class C Address then, 2^(CIDR-24 Network Bits)= Subnetworks

	How to find the number of usable host
	2^(32 Bits- CIDR)-2= Usable Hosts

	How to find Subnetwork Interval
	If CIDR< 8 then, 2^(8-CIDR)= Subnetwork Interval
	If CIDR< 16 then, 2^(16-CIDR)= Subnetwork Interval
	If CIDR< 24 then, 2^(24-CIDR)= Subnetwork Interval
	If CIDR< 32 then, 2^(32-CIDR)= Subnetwork Interval